Insider

Get exclusive access to premium articles, product guides, reviews, how-tos, and more from CIO, CSO, Computerworld, InfoWorld, ITworld, and Network World - the best enterprise tech publications in the business. Learn more!

healthcare data breach / medical patient privacy security violation

5 biggest healthcare security threats for 2021

Healthcare organizations can expect ransomware, botnets, cloud misconfigurations, web application attacks, and phishing to be their top risks.

A hook is cast at laptop email with fishing lures amid abstract data.
Tip

4 steps to prevent spear phishing

Your users are in the crosshairs of the best attackers out there. Follow these steps to better protect them.

Tech Spotlight   >   Cloud [CSO]   >   Conceptual image of laptop users with cloud security overlay.

AWS, Google Cloud, and Azure: How their security features compare

Each cloud platform differs in the security tools and features it offers customers to help them protect their cloud assets.

keeping the cloud secure cloud security lock padlock private cloud

The shared responsibility model explained and what it means for cloud security

The shared responsibility model (SRM) delineates what you, the cloud customer is responsible for, and what your cloud service provider is responsible for.

Microsoft Windows security  >  Windows laptop + logo with binary lock and key

6 minimum security practices to implement before working on best practices

Every Windows network admin can improve their security posture by focusing on these six basic areas.

Multifactor authentication  >  Mobile phone verification of a permission request for laptop login.

How to hack 2FA: 5 basic attack methods explained

As two-factor authentication becomes more widespread, criminals seek novel ways to subvert it. Here's what you need to know.

CSO > Invalidated cyber insurance

17 cyber insurance application questions you'll need to answer

Recent high-profile security incidents have tightened requirements to qualify for cyber insurance. These are the tougher questions insurance carriers are now asking.

Social engineering / social media security / privacy breach / fraud

How cybercriminals turn ‘harmless’ stolen or leaked data into dollars

By merging data from multiple sources, cybercriminals can build profiles of hacked account owners to enable other attacks or increase the effectiveness of social engineering campaigns.

malware attack

6 most common types of software supply chain attacks explained

Not all software supply chain attacks are the same. Here are the methods attackers currently use to corrupt legitimate software through third parties.

secure system / network security policy management

How to prepare for the demise of Windows NT LAN Manager

NTLM is a less secure protocol for authenticating Windows network access. Follow these steps to begin migration off it or to limit its use.

An anonymous hooded figure surrounded by an abstract network of connections and data.

The 10 most dangerous cyber threat actors

These are the most notorious global cybercriminal and state-sponsored groups according to security researchers.

vulnerable breach cyberattack hacker

How API attacks work, and how to identify and prevent them

Attackers know how to get around WAFs and API gateways when targeting APIs. Here's how some companies are coping with the rapid increase in API attacks.

Tech Spotlight   >   Cybersecurity [CSO]   >   Hands gesture in conversation

8 things CISOs should be thinking about, but probably aren't

CISOs need to cover all the security bases. The problem is, some of the bases are easy to overlook.

SD-WAN  >  The concept of a visual transition from hardware cables to software code.

5 things CISOs want to hear about SASE at the RSA Conference

Organizations are planning for secure access service edge (SASE) but have questions on how to get from their current state to converged, cloud-delivered networking and security. They’ll be looking for answers at RSA.

Joanna Burkey, CISO, HP

HP CISO seeks to transform cybersecurity

HP CISO Joanna Burkey sees a pivot to business partnership as vital for cybersecurity’s success. Inspiring women to join the sector is essential to this shift.

New York City / digital technology framework / binary code

To better defend digital assets, follow physical security's playbook

It’s high time that the owners and managers of corporate networks take the same approach and sense of urgency to protecting corporate digital assets that their physical security counterparts have taken with building security.

cloud security / data protection / encryption / security transition

6 tips for better collaboration between security and cloud teams

Good communication, mutual understanding of each team's goals, and proper processes and infrastructure will ensure an effective working relationship between cloud and security teams.

A firmware message appears on a circuit board.

3 ways to prevent firmware attacks without replacing systems

Use these Microsoft Windows and Office features to mitigate the risk from firmware attacks. They are faster and cheaper than replacing computers.

CSO: Have you met these hackers? [slide 07]

Hacktivism’s reemergence explained: Data drops and defacements for social justice

A record amount of leaked data to expose far-right groups signals a more focused and serious approach to hacking for a cause. To understand the risk, CISOs should pay attention to the news.

cyberinsurance

Four years after NotPetya, cyber insurance is still catching up

Experts advise “terrified” insurers to better engage businesses to ensure long-term viability, and they advise businesses to track their policies closely.

Load More